CVE-2017-2804
First published: Thu Jul 20 2017(Updated: )
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Corel Coreldraw Photo Paint X8 | =18.1.0.661 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-2804?
CVE-2017-2804 is a remote out of bound write vulnerability in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661.
What is the severity of CVE-2017-2804?
The severity of CVE-2017-2804 is high, with a severity value of 7.8.
How does CVE-2017-2804 work?
CVE-2017-2804 can be triggered by a specially crafted TIFF file, causing memory corruption.
Which software is affected by CVE-2017-2804?
Corel Coreldraw Photo Paint X8 version 18.1.0.661 is affected by CVE-2017-2804.
How can I fix CVE-2017-2804?
To fix CVE-2017-2804, update Corel Coreldraw Photo Paint X8 to a version that is not affected.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/corel
- canonical/corel coreldraw photo paint x8
- version/corel coreldraw photo paint x8/18.1.0.661